<?php

/*
 *  This file is part of Urd.
 *
 *  Urd is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 3 of the License, or
 *  (at your option) any later version.
 *  Urd is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program. See the file "COPYING". If it does not
 *  exist, see <http://www.gnu.org/licenses/>.
 *
 * $LastChangedDate: 2008-06-14 11:01:35 +0200 (Sat, 14 Jun 2008) $
 * $Rev: 1161 $
 * $Author: styck $
 * $Id: getfile.php 1161 2008-06-14 09:01:35Z styck $
 */

@define('ORIGINAL_PAGE', $_SERVER['PHP_SELF']);

$pathgf = realpath(dirname(__FILE__));

require_once "$pathgf/../functions/html_includes.php";

$raw = isset($_GET['raw']) ? TRUE : FALSE;
$preview = isset($_GET['preview']) ? TRUE : FALSE;
$is_admin = is_admin($db, $userID);
try {
	if (isset($_GET['file'])) {
		$file = $_GET['file'];
		$file = realpath($file) ;
	} else 
		$file = FALSE;
	if ($file === FALSE)
		fatal_error($LN['error_filenotfound'] . htmlentities(": $file"));
	
	$dlpath = get_dlpath($db);
	$done_path = $dlpath . DONE_PATH . $username . '/';
	$preview_path = $dlpath . PREVIEW_PATH . $username . '/';

	if ($is_admin) {
		if (substr($file, 0, strlen($dlpath)) != $dlpath) {
			fatal_error ($LN['error_filenotallowed'] . htmlentities(": $file"));
		}
	} else {
		if (substr($file, 0, strlen($done_path)) != $done_path && substr($file, 0, strlen($preview_path)) != $preview_path) {
			fatal_error ($LN['error_filenotallowed'] . htmlentities(": $file"));
		}
	}
} catch (exception $e) {
	fatal_error($LN['error_nodlpath'], 'admin_config.php', $LN['error_setithere']);
}
if (!file_exists($file) || !is_readable($file))
	fatal_error($LN['error_filenotfound'] . htmlentities(": $file"));

$ext = strtolower(ltrim(strrchr($file, '.'),'.'));
$type = real_mime_content_type($db, $file, TRUE);
$filename = substr($file, strrpos($file, '/')+1);
$size = filesize($file);

if (in_array($ext, array('nfo', 'log'))) {
	$type = 'text/html';
	$size += strlen('<html><body><pre></pre></body></html>');
}

$is_image = in_array($ext, array('jpeg', 'jpg', 'gif', 'png'));
$is_text = in_array($ext, array('htm', 'html', 'nfo', 'log', 'txt', URDD_SCRIPT_EXT));


$rprefs = load_config($db);
$maxfilesize = $rprefs['maxfilesize'];
if ($maxfilesize != 0 && $size > ($maxfilesize * 1024))
	fatal_error($LN['error_filetoolarge']);

add_stat_data($db, STAT_ACTION_WEBVIEW, $size, $userID);

if (($raw === TRUE && $is_image) || (!$is_image && !$is_text)) {
	header("Content-Type: $type");
	header("Content-Length: $size");
	header('Content-Description: URD Generated Data');
    if ($type != 'text/plain' && !$is_image) 
        header("Content-Disposition: attachment; filename=\"$filename\"");
}

// turn off output buffering otherwise large files will be hit by the memory limit
set_time_limit(0);
if ($is_text && $size < (1024*1024)) {
	$text = file($file);
	if ($ext == 'nfo') 
		header('Content-Type: text/html; charset=CP866'); // For fancy logos

	// To prevent firefox from interpreting this as a non-text-file BAD FIREFOX BAD
	echo '<html><body><pre>';
	foreach ($text as $line) {
		if (preg_match('|(http://[\w.+/?\-&;%=]*/?)|', $line, $matches) == 1){
			$url = trim($matches[1]);	
			$line = str_replace($url, "<a href=\"$url\">$url</a>",$line);
		}
		echo $line;
	}
	echo '</pre></body></html>';
} else if ($is_image && $raw === FALSE) {
	$i_size = @getimagesize($file);
	if ($i_size === FALSE)
		throw new exception('Not a valid image');
	$width = $i_size[0];
	$height = $i_size[1];
	$def_width = $prefs['screen_width'];
	$def_height = $prefs['screen_height'];
	if ($width > $def_width && $def_width > 0) {
		$f = $width /$def_width;
		$height /= $f;
		$width = $def_width;
	} 
	if ($height > $def_height&& $def_height > 0) {
		$f = $height /$def_height;
		$width /= $f;
		$height = $def_height;
	}
	if ($preview) {
		$smarty->assign('header', 'barehead.tpl');
		$smarty->assign('footer', 'barefoot.tpl');
	} else {
		$smarty->assign('header', 'head.tpl');
		$smarty->assign('footer', 'foot.tpl');
	}
	$smarty->assign('width', round($width));
	$smarty->assign('height', round($height));
	$smarty->assign('title', ltrim($filename, '/'));
	$smarty->assign('size', readable_size($size, 0, $LN['byte_short']));
	$base_url = get_config($db, 'url');
	$smarty->assign('url',$base_url . "html/getfile.php?raw=1&amp;file=" . urlencode($file));
	$smarty->assign('menu',	generate_menu($LN));
	$smarty->display('getfile.tpl');
} else { 
    @ob_end_flush();
	readfile($file);
}

die(); // make sure there is no more content appended

?>
